← Home

@wix/auto_sdk_stores_info-sections-v-3

npm
51
Versions
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

yoavwix-cishahatawixnpmwix-ambassadorwix-ci-publisherwix-bi-publishergalil-teamusability-sessionsyurynixydanivmayacoamitde007haimbrum-wixyoungshinobiethanpshlomitc-wixarielhwix-org-headlessfalconcinadavlacroir-wixdorchaouat

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
source-diff obfuscated-file:build/internal/es/index.d.mts AI (source-diff): TypeScript declaration file with long export lists; not obfuscated code. Stable pattern for Wix auto-generated SDK packages. ai
source-diff obfuscated-file:build/es/index.d.mts AI (source-diff): TypeScript declaration file with long export lists; not obfuscated code. Stable pattern for Wix auto-generated SDK packages. ai
source-diff obfuscated-file:build/internal/es/index.typings.d.mts AI (source-diff): Same as above — generated .d.mts with long type lines, not obfuscated code. ai
source-diff obfuscated-file:build/es/index.typings.d.mts AI (source-diff): Generated TypeScript declaration file; long lines are SDK type unions, not obfuscation. Stable pattern for Wix auto-SDK packages. ai
source-diff obfuscated-file:build/stores-catalog-v3-info-section-info-sections-v-3.universal-DHZlrxas.d.mts AI (source-diff): Same pattern as above. ai
source-diff obfuscated-file:build/internal/index.d.ts AI (source-diff): Same tsup-generated pattern. ai
source-diff obfuscated-file:build/internal/stores-catalog-v3-info-section-info-sections-v-3.universal-DHZlrxas.d.ts AI (source-diff): Bundled type declaration; stable false positive for this package family. ai
source-diff obfuscated-file:build/stores-catalog-v3-info-section-info-sections-v-3.universal-DHZlrxas.d.ts AI (source-diff): Same pattern; stable false positive. ai
source-diff obfuscated-file:build/index.d.ts AI (source-diff): tsup-generated declaration file with long re-export lines; benign. ai
source-diff obfuscated-file:build/index.d.mts AI (source-diff): Long-line TypeScript declaration file generated by tsup bundler; stable pattern for Wix auto-SDK packages. ai
source-diff obfuscated-file:build/internal/index.d.mts AI (source-diff): Same tsup-generated .d.mts pattern; not obfuscation. ai
source-diff obfuscated-file:build/internal/stores-catalog-v3-info-section-info-sections-v-3.universal-DHZlrxas.d.mts AI (source-diff): Bundled type declaration; long lines from re-exports, not obfuscation. ai
bogus-package bogus-package AI (bogus-package): Wix auto-generated SDK package; templated name/no-description/no-repo are expected for this CI-generated package family. ai
provenance no-provenance AI (provenance): Wix CI pipeline does not attach Sigstore provenance; consistent across all versions. ai
npm-metadata no-description AI (npm-metadata): Wix auto-generated SDK stubs consistently omit descriptions; stable false positive for this package. ai

Versions (showing 51 of 72)

View all versions
Version Deps Published
1.0.95 3 / 2
1.0.94 3 / 2
1.0.93 3 / 2
1.0.92 3 / 2
1.0.91 3 / 2
1.0.90 3 / 2
1.0.89 3 / 2
1.0.88 3 / 2
1.0.87 3 / 2
1.0.86 3 / 2
1.0.82 2 / 2
1.0.81 2 / 2
1.0.80 2 / 2
1.0.79 2 / 2
1.0.78 2 / 2
1.0.77 2 / 2
1.0.76 2 / 2
1.0.75 2 / 2
1.0.74 2 / 2
1.0.73 2 / 2
1.0.72 2 / 2
1.0.71 2 / 2
1.0.70 2 / 2
1.0.69 2 / 2
1.0.68 2 / 2
1.0.67 2 / 2
1.0.66 2 / 2
1.0.65 2 / 2
1.0.64 2 / 2
1.0.63 2 / 2
1.0.62 2 / 2
1.0.61 2 / 2
1.0.60 2 / 2
1.0.59 2 / 2
1.0.58 2 / 2
1.0.57 2 / 2
1.0.56 2 / 2
1.0.55 2 / 2
1.0.54 2 / 2
1.0.53 2 / 2
1.0.52 2 / 2
1.0.51 2 / 2
1.0.50 2 / 2
1.0.49 2 / 2
1.0.48 2 / 2
1.0.47 2 / 2
1.0.46 2 / 2
1.0.45 2 / 2
1.0.44 2 / 2
1.0.43 2 / 2
1.0.42 2 / 2

v1.0.95

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.94

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.93

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.92

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.91

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.90

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.89

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.87

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.86

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.82

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.81

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.80

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.79

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.78

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v1.0.77

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.76

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.75

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.74

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.72

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.71

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.70

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.69

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.68

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.67

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.66

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.65

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.64

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.63

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.62

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.61

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.59

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.58

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.57

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.56

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.55

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.54

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.53

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.52

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.51

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.50

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.49

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.48

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.47

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.46

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.45

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.44

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.43

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v1.0.42

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.